2 matches found
CVE-2018-1000616
ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity XXE vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml that can result in An adversary can remotely launch XXE attacks on ONOS controller via an...
CVE-2018-1000616
CVE-2018-1000616 affects ONOS controller versions 1.13.1 and earlier. The vulnerability is a XML External Entity (XXE) flaw in XmlConfigParser.loadxml() that can enable remote XXE attacks over network via an OpenConfig Terminal Device. Multiple sources (including Red Hat, Veracode, OSV, NVD/CVE r...